The Nation’s security clearance function needs to accomplish just two things—bring trustworthy people into positions of high trust and keep untrustworthy people out. We’re 0 for 2 lately. But we believe we can go 2 for 2, and offer a road-map here for getting there.

In the last five years, we have experienced security breaches of unprecedented harm while amassing a backlog of nearly 750,000 unprocessed cases. Since 2013, we have doubled the time it takes to on-board a cleared employee. Today Top Secret “SCI” clearances are averaging over 500 days while the standard in law is 90 days.

Slow security is not good security. Intelligence contractors have been unable to fill about 10,000 positions since 2013, and an estimated $1.8 billion in planned intelligence work has been deferred. The talent that intelligence and military services need to secure our country is going elsewhere.

The good news is that we have rare bipartisan agreement on the problem. Director of National Intelligence, Dan Coates, a former ambassador, was uncharacteristically blunt during Senate testimony: “The security clearance process is broken…it needs to be reformed.” Senator Mark Warner recently went a step further, writing that “the process needs to be revolutionized, not reformed.”

Thankfully, most people in government, industry, and think tanks who work on security clearance issues generally agree on what needs to be done to fix the problem. Unhappily though, no one seems to understand how to get it done in practice. Why is this?

The responsibility for security is diffused (and somewhat confused) throughout the government –

OMB, OPM, DoD, and ODNI all play various policy roles. The leadership of these offices functions through a loose confederation known (without irony) as the “Performance Accountability Council.” Dozens of agencies tend to water down PAC policies with their unique exceptions and interpretations. While the dedicated officials in the bureaucracy work hard to make all this work in practice, they are incentivized to follow labor-intensive, paper-laden procedures that are ill-suited to the digital age. With no one in charge and risk tolerance set to zero, well-intentioned reforms will continue to flounder.

We suggest an approach that we proposed to the new Administration when serving on President Trump’s Transition Team. The PAC Principals should enter into a pact to (temporarily) relinquish their individual, policy sovereignty and invest it (again temporarily) in one distinguished, trusted, “Policy Surrogate.” This Surrogate would harmonize these diffuse authorities to drive needed change across the government on behalf of these Principals -- managing risk to implement a five-part program that all could sign up to.

First, when a government official or contractor is granted a clearance, that clearance should automatically transfer between government agencies. The lack of clearance “reciprocity” is a costly barrier serving no purpose.

Second, clearances should be “portable,” like TSP or 401K retirement plans. Today, if a cleared government employee leaves service for even a few weeks, the whole, multi-month investigative process must crank up anew. Similarly, when a contractor moves from supporting one agency to another (or even from one contract to another within the same agency), that contractor’s clearance is typically re-adjudicated.

Third, the rules that security investigators must follow need to be rewritten to eliminate low-value, time-consuming, personal visits in favor of automated electronic records searches.

Fourth, we need to replace mandatory 5 and 10-year reinvestigations with reliance on continuous vetting. This vetting system would harness technology to evaluate everything that clearance-holders do at work. It would also evaluate all the publicly-available information about what they do outside of work. By limiting this to publicly available information like credit reports and police records, there is no sacrifice to privacy. The advantages of continuous vetting over periodic reinvestigations are clear. It provides more information to decisionmakers, in minutes rather than years. As a result, it will save time and money, increase capacity to protect the nation (by increasing the number of people we can get cleared); reduce the backlog; all-the-while improving security.

Fifth policies prevent the government and industry from sharing important information on cleared contractors that each holds individually. As a result, red flag indicators slip between the cracks. An information sharing program is needed between industry and government.

A Surrogate can get this done and Congress also has a crucial role. It should establish clear goals, milestones, and benchmarks and hold the Executive Branch strictly accountable with sustained oversight, including joint committee hearings. And where course correction is required, Congress should provide strong and directive report language.

These recommendations are not new. What no one has quite figured out, however, is how to implement these steps when agency responsibilities are so diffuse, and the tolerance for risk is near zero. Senator King put his finger on the problem during a Senate Intelligence Committee hearing this March, “If everyone is in charge, then no one is in charge.” Mr. President, put someone in charge. Now.

Geof Kahn and Bryan Smith are Visiting Fellows at George Mason University Scalia Law School’s National Security Institute. Both Mr. Kahn and Mr. Smith previously served on the Presidential Transition Team as well as on the staff of the House Intelligence Committee. In addition. Mr. Kahn previously served as a senior advisor to the CIA's Chief Operating Officer and Mr. Smith has previously held senior management positions at the Office of Director of National Intelligence and the National Reconnaissance Office.